DigiNator Certificate Hacking,DigiNator Security Breach 8 Pages Q&A

Feb 3rd, 2012

Studypool Tutor

Price: $15 USD

Tutor description

Over the past ten to fifteen (10-15) years, there have been many security breaches at major organizations. In many cases, the result becomes the demise of the organization. Recently, a certificate hacking incident at DigiNotar resulted in the demise of the company. Read the article titled “DigiNotar dies from certificate hack caper”.
Summarize the security breach and explain its significance to a medium-sized IT consulting company, in regard to the importance of protecting the privacy of their customers.
Analyze DigiNotar’s initial response to the incident as well as their later responses to the incident.
Suggest how DigiNotar could have better handled this security breach.
Analyze the laws and regulations involved with this incident and describe the controls that your organization needs to implement to ensure they are compliant.
Describe the non-technical factors that impacted DigiNotar in this incident and how those factors are similar in your organization and how they are different

DigiNotar Security Breach Case Study(1) Summarize the security breach and explain its significance to a medium-sized IT consulting company, in regard to the importance of protecting the privacy of their customers.DigiNotar was Dutch certificate issuing authority that was owned by Vasco Data security international that gone bankrupt soon after security breach incident that resulted in fraudulent issuance of digital certificate by hackers. DigiNotar made announcement of this security incident in late august 2011 and admitted that hackers were able to compromise system and generate number of SSL digital certificates. These digital certificates put number of internet users at privacy risk while nearly 3000,000 Gmail accounts were also compromised.DigiNotar also confirmed that they discovered the intrusion in July 19,2011 but were failed to report this breach to public and browser vendors who use these digital certificates to validate the identify of websites. A later investigation revealed that the system was first compromised in late June 2011 when nearly 500 certificates were fraudulently issued that had no records what so ever. After this incident all major browser makers issued updates to bare hackers from using these certificates.(Keizer,2011)DigiNotar incident has significant impacts on IT consulting organizations. DigiNotar security breach was different from other security incidents as it involve